Ransomware, Password-stealing Malware on the Rise

McAfee's threat report for the second quarter spotlights increases in ransomware, AutoRun worms and password-stealing malware.

The number of new ransomware samples jumped roughly 50 percent between the first and second quarters of 2012, according to a new report from McAfee.

Ransomware restricts access to infected computer systems so that attackers can extort payments in exchange for restoring access. According to McAfee, the number of new ransomware threats increased to more than 120,000 during the second quarter, a significant jump from the first quarter.

Just recently, the FBI issued another warning about a scheme that used ransomware known as Reveton along with the Citadel platform to infect users. Once the victim's computer was infected with Reveton, they would receive a demand posing as a message from authorities that claimed the infected computer had been locked due to a link to child pornography. The attackers would then demand payment.

The rip-off is nothing new, McAfee noted.

"Ransomware has increased during the last several quarters," the company noted. "This quarter we saw ransomware at its busiest ever. Ransomware is particularly problematic because the damage is instant and commonly a machine is rendered completely unusable. So not only is the victim's data destroyed, but some of the victim's money is also gone if he or she attempts to pay the attacker's ransom. And although it is a personal disaster for a home user to lose years' worth of data, pictures and memories, the situation can be much worse in an enterprise if the malware encrypts all the data that a victim has write-access to on a corporate network."

Ransomware was not the only type of malware to increase during the quarter. Overall, the firm detected an increase of 1.5 million in malware since the first quarter of the year. Thumb drive and password-stealing malware grew significantly. With nearly 1.2 million new samples of AutoRun worms detected, AutoRun malware posed a challenge during the quarter. In addition, 1.6 million new samples of password-stealing malware were detected.

Rootkits rose slightly in the quarter, with Koutodor showing tremendous growth. Meanwhile, detections of the ZeroAccess and TDSS rootkits declined somewhat compared to the first quarter.